During an internal audit you discover that staff can still transfer confidential data to personal USB drives. Management already reviews system logs weekly and has a policy that forbids such behavior, but wants a technical measure that blocks it outright. According to standard security control categories, which control type best meets this requirement?
Add a corrective control that automatically deletes unauthorized files from USB drives after transfer
Deploy a detective control that generates real-time alerts whenever files are written to USB media
Strengthen the deterrent control by displaying legal warning banners about data exfiltration penalties
Implement a preventive control that disables or restricts USB mass-storage devices on all workstations
Security control categories describe the intent of a safeguard. A preventive control is designed to stop an unwanted action from occurring in the first place. Disabling or restricting USB mass-storage functionality on endpoints prevents users from writing data to removable media, eliminating the opportunity for unauthorized copies. Detective controls (such as log analysis or alerts) only identify events after they happen, while corrective controls attempt to remediate damage that has already occurred. Deterrent controls, including policies or warning banners, rely on influencing behavior but do not technically block the action. Therefore, a preventive control that technically disallows USB storage access is the most appropriate solution to meet management's requirement to stop the transfers outright.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a preventive control in cybersecurity?
Open an interactive chat with Bash
How can USB mass-storage devices be technically restricted or disabled?
Open an interactive chat with Bash
What is the difference between preventive, detective, corrective, and deterrent controls?
Open an interactive chat with Bash
What are preventive controls in cybersecurity?
Open an interactive chat with Bash
How can USB mass-storage devices be disabled or controlled effectively?
Open an interactive chat with Bash
What is the difference between preventive, detective, corrective, and deterrent controls?
Open an interactive chat with Bash
Certified Ethical Hacker (CEH)
Information Security and Ethical Hacking Overview
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .